The username and password supplied when creating the RDS cluster have the role of rds_superuser, which grants permissions to the user for doing advanced database management activities. It is recommended that a service user can be created whose credentials can be distributed to clients accessing the database (for example, a lambda function).
This makes credential-rotation easy and prevents the proliferation of master credentials.
Get Hands-On Serverless Applications with Kotlin now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
Get Mark Richards’s Software Architecture Patterns ebook to better understand how to design components—and how they should interact.
Dive in for free with a 10-day trial of the O’Reilly learning platform—then explore all the other resources our members count on to build skills and solve problems every day.
Start your free trial Become a member now